Your friend creates a website. You are curious and you ask him: “is it secure?”, which, in your mind, probably means “did you secure your
Read moreCarriage Return Line Feed (CRLF) Injection Explained
How does a server know when a new header begins and the old one ends or when a line is terminated? Simple. In order to note
Read more2017 OWASP Top 10 for PHP Developers Part 10: Insufficient Logging & Monitoring
Another day, another web application gets hacked. Most of the time web application hacks fly under the radar and are discovered years after the data breach
Read more2017 OWASP Top 10 for PHP Developers Part 9: Using Components with Known Vulnerabilities
Attacks on today’s web are an unsurprising reality – websites are hacked daily, data is being stolen and leaked left, right and centre. In many (though
Read more2017 OWASP Top 10 for PHP Developers Part 8: Insecure Deserialization
When developing a web application, web developers sometimes need to first turn data into a proper format so that it can be processed. Occasionally, converting
Read more